On Wed, Mar 23, 2011 at 11:54 PM, Demon <[email protected]> wrote:
> As I suspected this was how my clients were getting these Fake Antivirus
> programs, I plugged in a second hand computer and proceeded to go through
> the same procedure.
>
> This time I went further and clicking Remove All took me to a save or run
> dialogue. I went through the same procedure with Firefox and it gave the
> same results.
>
> I then went a stage further and saved and ran the executable and sure enough
> on restarting the computer the Fake Antivirus Program was well and truly
> embedded.
>
> I went into safe mode. Installed Malware bytes from a pen drive and it
> successfully removed the Virus.

You need to be Really Careful when trying this sort of exercise. A while back I had a fresh VirtualBox XP VM installed, so I decided to play with a disposable image snapshot and try a similar exercise. A short time later I got a nastygram from my ISP (Comcast) saying that my access to port 25 (direct SMTP) was being shut down. Apparently, just for the minute or so that I was experimenting my VM sent out enough spam to raise a red flag at Comcast.

Tread carefully here...

dt

--
Dave Thayer
Denver, CO

